Mandrill Security Vulnerability!
Just got this through email: More info
**Important Security Notification From Mandrill**
We're writing to let you know that we recently discovered a security vulnerability in Mandrill's infrastructure that you should be aware of. At this time, we're confident that no customer data was compromised as a result of the vulnerability, but we feel it's our responsibility to let you know exactly what happened and what we're doing about it.
We discovered evidence on March 10 that automated attempts were made against Mandrill's internal logging servers in an effort to use them in a botnet. Analysis of the impacted servers, including network traffic logs and files present on the servers, indicates that these attempts were unsuccessful. There are no signs that the servers were targeted to access the data stored on them.
Upon further investigation, we found that the opportunity for this attack stemmed from a firewall change we made on February 20 in order to more granularly control access to some of Mandrill's servers. Parts of Mandrill's infrastructure are hosted with Amazon Web Services (AWS), and we use EC2 Security Groups to control access. One change was made to a security group that contained more servers than we intended to affect. As a result, a cluster of servers hosting Mandrill's internal application logs was made publicly accessible instead of allowing internal-only access...
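The root cause in the notice above, a security-group rule change that covered more servers than intended, can be caught before it lands by auditing exposed ingress rules against actual group membership. The following is an added example, not Mandrill's or AWS's code: it runs offline over constructed data shaped like boto3's describe_security_groups and describe_instances responses (hypothetical group IDs, instance IDs and Role tags), and assumes 10.0.0.0/8 is the only internal range.

```python
from ipaddress import ip_network

# Constructed sample data, shaped like boto3's describe_security_groups and
# describe_instances output. Group and instance IDs are hypothetical.
SECURITY_GROUPS = [
    {"GroupId": "sg-0aaa", "GroupName": "web-public", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0bbb", "GroupName": "internal-logs", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 5000, "ToPort": 5000,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},        # the over-broad rule
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}]},
]
INSTANCES = [
    {"InstanceId": "i-01", "Tags": [{"Key": "Role", "Value": "web"}],
     "SecurityGroups": [{"GroupId": "sg-0aaa"}]},
    {"InstanceId": "i-02", "Tags": [{"Key": "Role", "Value": "log-server"}],
     "SecurityGroups": [{"GroupId": "sg-0bbb"}]},
    {"InstanceId": "i-03", "Tags": [{"Key": "Role", "Value": "log-server"}],
     "SecurityGroups": [{"GroupId": "sg-0bbb"}]},
]

def exposed_ports(group, internal_nets):
    """Return (from, to, cidr) for every IPv4 ingress rule whose source is not
    fully contained in one of internal_nets (so 0.0.0.0/0 is always flagged)."""
    found = []
    for perm in group["IpPermissions"]:
        for rng in perm.get("IpRanges", []):     # IPv4 only; Ipv6Ranges not checked
            src = ip_network(rng["CidrIp"], strict=False)
            if not any(src.subnet_of(ok) for ok in internal_nets):
                found.append((perm.get("FromPort"), perm.get("ToPort"), rng["CidrIp"]))
    return found

def blast_radius(groups, instances, internal_cidrs=("10.0.0.0/8",)):
    """Map each group with exposed ingress to the instances and roles it covers,
    so a rule change can be reviewed against what it really affects."""
    internal = [ip_network(c) for c in internal_cidrs]
    report = {}
    for g in groups:
        ports = exposed_ports(g, internal)
        if not ports:
            continue
        members = [i for i in instances
                   if any(sg["GroupId"] == g["GroupId"] for sg in i["SecurityGroups"])]
        roles = sorted({t["Value"] for i in members
                        for t in i.get("Tags", []) if t["Key"] == "Role"})
        report[g["GroupName"]] = {"ports": ports, "roles": roles,
                                  "instances": [i["InstanceId"] for i in members]}
    return report
```

A group that is expected to be public (web-public here) still appears in the report; the useful signal is an exposed port on a group whose member roles are internal-only, such as log-server.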
Comments
Do people get fired for such a mistake ?
nah, slap on the wrist (unless u're a junior)
You missed the important bits.
The email was long, which is why I attached it on a pastie at the top of the OP.
What a good thing email is not used for confidential information!
I'm sure they're fine.
Never. We do not know if the sun will rise tomorrow for sure.
Or some "volunteer" will "misfire" some nuke.
From the way that is worded, looks like some scanner reached some IPs which should have not been on the net unprotected, but the OS was updated and/or the scripts did not find the vulnerable services they were looking for.
Human error. It'll always be there until our computer overlords take care of everything.